Friday, January 21, 2022

FinCen Files: Banking Winds of Change


Authors: Álvaro Ruiz Ostos, Gustavo Fideney


Yet again, we are writing about Financial Crime. Four years ago, the world turned upside down after the INTERNATIONAL CONSORTIUM OF INVESTIGATIVE JOURNALISTS (“ICIJ”) uncovered more than 10 million of legal documents that exposed all of MOSSACK & FONSECA’s clients in Panama and unmasked everybody who had an offshore account using their services. This event took the name of Panama Papers, the setting of a Caribbean paradise, the actors of the “soap opera”, and two guys dressed in linen fabrics.

MOSSACK & FONSECA’s scandal, or Panama Papers, created uncertainty and turmoil all over the world and had different effects such as the resignation of several prime ministers, riots in several cities, new regulations and even its own movie on Netflix -opinions apart-. Whether you’re into offshore banking or not, this was an event that changed the perspective of “tax planning” as we knew it and uncovered the asset holding strategies of millions of people and corporations. 

After several attempts to normalize the situation, we all thought things were under control once again in the banking world…yet. Everything seemed fine, the economy was recovering, governments had taken measures to address this situation and the world kept on turning. However, 2020 came with COVID-19. Little did we know when we were singing on New Year’s eve and setting our insta-stories with our New Year’s proposals, that two months later we would be confined in our homes, with a deadly virus that took countless lives and contracted the world’s economy.

Now, when there is turmoil, we will always encounter a criminal group on the lookout for crime opportunities. We saw several criminal attempts such as the Italian mob taking advantage of the draconian lockdown that took place in the Mediterranean country. However, banks kept on performing, as an indicator that we all need to have a place to store our assets, be it a haven or a compliant banking institution (we know red-flagged persons will not choose the latter). However, ICIJ was cooking something else in the meantime: FinCEN Files.  


The world is full of obvious things which nobody by any chance ever observes…” – Arthur Conan Doyle–

For the curious and the inquisitive, FinCen Files are a massive leak of documents that were addressed to FinCEN, mostly Suspicious Activity Reports (“SARs”). FinCEN is the Financial Intelligence Unit (“FIU”) in the United States, responsible for compiling, analyzing and determining responsibility for these reports. The archives were leaked confidentially to BUZZFEED –a news portal- in 2019, who sent it to the ICIJ, where no less than 400 journalists in 88 countries devoted countless hours on analyzing tons of documentation, which finally came to the public eye on September, 20th. 

A couple of days ago, ICIJ released this new investigation which was based on submitted SARs at the FIU of the US. They revealed several failures in the lines of defense in international banking, particularly in top tier banks. This report tells how financial institutions around the world move assets in a regulatory framework in which compliance anti-money laundering (“AML”) programs are mandatory, but that steps aside when it’s time to follow the alerts. 

- Advertisement -

Even though the report hasn’t completely disclosed its content, we can state that this report took secret reports showing that the interest of financial institutions sometimes overcome their legal obligations to prevent money laundering and terrorism financing, by turning a blind eye on several fishy notorious clients. 

What was leaked? Over 2,600 documents that comprised mainly SARs issued to the FIUs from 2000 to 2017. Now, let’s get a bit technical about SAR’s:


According to legal obligations (both global and local) and due diligence processes, financial institutions are obligated to carry on clients, SARs are outcomes of those duties, this is, reports that they are obliged to issue once a “suspicious activity” has been detected that might lead to a potential or current financial crime. 

To keep things simple, Financial institutions use SARs to inform FIUs about suspicious financial activities. For example, if a bank had a client who has been sending funds to a high – risk jurisdiction such as Albania or Afghanistan on a regular basis, on an unexpected manner and in high quantities, the institution is probably witnessing a terrorism financing scheme and should alert the authorities immediately. How do we do this? Through a SAR. 

It’s important to know that SARs are mainly suspicion and not proven facts. That comes to the different law enforcement agencies around the globe, and the banks comply by submitting the SAR.

SARs are initiated on the regulatory framework commonly known as Know Your Customer (“KYC”), and subsequently in the Customer Identification Program (“CIP”), where banks develop a process that is known as due diligence to get to “know” their customers, and find out if they’re up to no good. 

Throughout the named processes, banks are supposed to know how the client’s source of wealth, if they’re on a sanctions list (or their relatives), if they have any criminal records and what do they expect to do with the accounts. Financial institutions need due diligence to spot potential criminal activities being conducted and this is enforced by law….or so we thought?

Once financial institutions perform the KYC process on clients, they might spot a red flag; after analyzing it, they report it, which constitutes filing a SAR. They have now alerted the authorities on a potential money laundering attempt. According to the Bank Secrecy Act (“BSA”), financial institutions within the international banking system are obliged to help FIUs prevent financial crime, by alerting them when something “suspicious” happens in their orbit. This is the Compliance Officer’s (head/chief/committee etc.) duty, which is policing that everything is under control and prepares a SAR when things get out of line. These documents are extremely secretive and handled in the most selective manner. Once the compliance officer spots that the suspicious client is wiring funds to Afghanistan -to get back to our example-, the institution has from 30 to 60 days to alert FinCEN of the potential wrongdoing, and here is where banks allegedly failed… 

It’s important to point out that SARs can’t be used as a proof during trial and can only be shared with the Egmont Group which comprises over 145 FIUs, this is used for preventive measures only.


Fraud is the daughter of greed.” Jonathan Gash, The Great California Game

To start with, the SARs filings took an average of six months. This was enough time to arm a militia in Kabul… 

Following that huge mistake, financial institutions moved assets for beneficial owners that could not be identified, failing to implement the KYC process. Once the FIUs requested further information, banks simply refused to reply. The constant transaction and business making with unknown beneficial owners comprised at least 20% of the cases mentioned in the leaks. The use of offshore banking again came into place to make things more difficult and shady. A beneficial owner is a figure that needs to find a two-legged person at the end of the corporate structure who is actually “benefiting” from the profits of the account. 

- Advertisement -

Third -and worst, to put it kindly-, financial institutions did not red-flag their shady customer’s accounts (freezing the client’s assets) and allegedly allowed them to continue to do business with them, extending the crime commission.

This means that a lot of banking institutions maintained business relationships with high-risk customers for many years – that was poorly policed, and handled in an untimely fashion.


When we thought this unlikely year topped the scandals section, we find this. Panama Papers brought government officials, heads of states and big names in the banking industry into spotlight. Yes, we were all sure we were one step ahead in Banking AML Compliance after that scandal. And we were wrong.

Rules and regulations, commitments by countries signing agreements to fight money laundering, terrorism financing, and all that there is orbiting the aforementioned are feeble without a true governance culture. Where we find money, there is greed and corruption. There have always been low chances this will change, as it is human nature, but do not attend to this massive “red – flags” and financial institutions will suffer, at large, and we all saw financial pillars shake during 2020.

The future is uncertain, but taking a blind guess, we will see compliance departments strengthen, and will surely learn from this “mistakes”. Will we learn from them?

As it works within our industry, whenever there is turmoil, it is followed by new regulations. We must remain attentive to the new developments in this exciting field of international banking. For now, the winds of change are certainly creating two new things: uncertainty on what to expect from the remaining leaks, and the need to start discussing a new smart and flexible AML compliance setting to avoid these situations from happening again. 

Authors Bio

Álvaro Ruiz Ostos – Compliance officer with experience in several broker dealers and financial institutions in the US and Latin America, JD in Law, LLM in Banking and Financial Law (Boston University) and postgraduate of Corporate Law. Alvaro currently implements AML/CFT efforts on the first line of defense for International Wealth Management and Private Banking clients, focusing on the onboarding process of high-risk jurisdiction clients. LinkedIn Profile

Gustavo Fideney– Former senior government official (13 years court clerk, leading Corporate Criminal Investigations/ AML/ Corruption cases). For the past three years, he conducted investigations at Baker McKenzie, particularly on the Criminal and Regulatory Compliance Department (Financial – Banking oriented), and is currently providing Financial Crime Compliance consultancy services across USA – EMEA after moving to Europe for his second masters. JD in Criminal Law and Compliance, an LL.M. in Criminal Taxation (Criminal Corporate Liability – Transfer Pricing Fraud) LL.M. in Criminal Law and Compliance (European – Corporate), ExMBA Candidate 2020-2021, he possesses several postgraduates courses/certifications on AML and Compliance. LinkedIn Profile 

Disclaimer: The opinions expressed in this publication are those of the authors. They do not purport to reflect the opinions or views of the companies where they work or the ones where they provided services for. The information provided is based on the experience gathered while working in governmental agencies, banks and law firms.


Must Read


Latest News